The WiKID Strong Authentication server has released an update for the Tomcat server associated with this software. It updates Tomcat to 5.5.27 to address a large amount of vulnerabilities.
a8c41c441cc362473d836e2155189f3679c6855e0acebd1877d9082428c45e77
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
WiKID Systems Security Advisory
Summary
=======
The WiKID Strong Authentication server utilizes the Tomcat application
server for both the WiKIDAdmin web management interface and for
processing one-time passcodes. This release updates Tomcat to 5.5.27
which patches several security vulnerabilities.
Affected Products
=================
The WiKID Strong Authentication Server - Enterprise Edition
The WiKID Strong Authentication Server - Community Edition
References
==========
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
Mitigation
==========
Commercial users may download the most recent RPMs from the website:
http://www.wikidsystems.com/downloads/
Users of the open source community version may download packages from
Sourceforge:
https://sourceforge.net/project/showfiles.php?group_id=144774
- --
Nick Owen
WiKID Systems, Inc.
404-962-8983 (desk)
http://www.wikidsystems.com
Two-factor authentication, without the hassle factor.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkjQATkACgkQvhL875pdRY1NpwCglMttfAfrn720O7foyT/ih1/l
Ss8An0GDsmb2DzLYjer6S9+Qvh0oALiz
=mEYx
-----END PGP SIGNATURE-----